Decrypting Ransomware: Need to Know Facts

May 23, 2017

A chain and padlock on a MacBook keyboardAlthough ransomware attacks have been on the rise for years, the proliferation of the WannaCry virus that disabled the computers of some 200,000+ victims in at least 150 counties provided a sobering reminder of the critical need to confront the threats we face online. This is especially pertinent given that the damage that ensued from this disaster was preventable. Following is an overview of how ransomware operates, and, moreover, the proactive measures you can take to avoid being another victim of this form of cyberattack:

What exactly is ransomware? Essentially, ransomware is malicious software that cybercriminals use to hijack a computer system for purposes of extortion. In the vast majority of ransomware attacks, hackers use encryption to lock the hard drives of infected computers and then make a demand for payment to restore the user’s access – along with a threat that files will be deleted if the ransom is not paid within days. Typically, a message appears on the computer screen with detailed instructions on how to pay the ransom using the digital currency bitcoin. Cybercriminals tend to favor this cryptocurrency because it is unregulated and nearly impossible to trace. While paying the ransom may get your files restored in some cases, this cannot be guaranteed.

How does it infect your computer and spread? Hackers often gain initial access to a computer system by getting a user to unwittingly download malware onto a device by clicking on a link or attachment in a fraudulent email or online pop-up message. They’re able to successfully carry out ransomware attacks on a network by taking advantage of flaws in an operating system or program to deliver the malicious code. In the case of WannaCry, the attackers exploited vulnerabilities in Microsoft Windows to spread the malware through computers linked through the Windows file-sharing system.  Prior to the May attack, Microsoft had been aware of this vulnerability in Windows, and had, in fact, issued a patch (or fix) for it. If the computer systems of those infected had been updated, the ransomware attack would have been thwarted.

How can you defend against a ransomware attack? The good news is that you can greatly reduce your risk of becoming a victim of this kind of cyberattack with a few key precautions.

Find out if you need to update your operating system: First, if you’re still using an old operating system like Windows XP on your PC, you would be well advised to upgrade to a newer version such as Windows 10. Although Microsoft issued an emergency patch (update) to fight the WannaCry virus, the company is no longer issuing regular security support for this operating system. And according to Wired magazine, hackers have targeted Windows XP for years due to its relative lack of defenses.

Run your updates: It’s understandable if you find messages on your computer screen prompting you to perform your updates mildly disruptive. But if you tend to ignore them, you need to understand that you’re putting your computer and files at risk. Companies issue updates to fix bugs in the software and to address security vulnerabilities they’ve discovered, so allowing your computer to perform these updates is critical. With regard to the WannaCry virus, Microsoft had issued a patch to protect users from it on March 14. If the organizations that were infected had performed updates on their systems, the virus would have never have had the opportunity to spread so virulently.

For simple instructions on how to make certain that your automatic updates are configured on your PC, visit http://bit.ly/ProtectYourPCWithAutomaticUpdates. You can find information on how to install updates on a Mac computer at http://bit.ly/CheckForandInstallUpdatesForMac.

Back up your files: If you make the effort to safely store a copy of your computer’s files, cybercriminals will have no way to deliver on their threat to delete your data. In the event your computer becomes infected, you can simply have your hard drive wiped clean and restore your files. Regardless of the threat of ransomware, it’s a good idea to back up your files to protect your documents, photos, videos, etc. from the corruption that occurs on computers over time. A few good options for storing backup copies of your files are: an external hard drive, an online storage provider such as Google Cloud Storage or a device as simple as a USB flash drive.

For a list of recommended external hard drives, see PC Magazine’s article “The Best External Hard Drives of 2017” at http://bit.ly/10BestExternalHardDrivesPCMagazine. Prefer the convenience of an online storage service? Take a look at the magazine’s article featuring “The Best Cloud Storage and File-Sharing Services of 2017” at http://bit.ly/BestCloudStorageProvidersPCMagazine.

Install antivirus software: By detecting and removing ransomware and other malware, antivirus software can be helpful in preventing your computer from a cyberattack. Just be aware that ransomware may be disguised as antivirus software, which is often advertised through pop-up windows. To play it safe, resist the urge to click on any links or pop-up ads for antivirus software. It’s better to type in the name of a trusted vendor directly into your browser in order to purchase the product. And in general, of course, be careful not to click on any links or download attachments from an email or website that appears suspicious in any way (e.g. it contains easy-to-spot spelling and grammatical errors).

Concerned about whether your financial institution has properly safeguarded your personal data from a ransomware attack? If so, you’ll be pleased to know that we are well protected from all malware attacks. SFPCU’s highly sophisticated Advanced Behavior and Threat Protection software helps keep our infrastructure secure. The software is just the latest in a series of significant security enhancements we’ve made within the past year as part of our ongoing commitment to invest in the most advanced, current and effective security technology to protect our members’ data.


  • Accessibility
  • Federally insured by the National Credit Union Administration
  • Equal Housing Opportunity
  • NMLS ID# 409710

APR = "Annual Percentage Rate". Actual APR is based on your credit profile and may be higher than the lowest rate available. Posted rates may include promotional discounts and other terms and conditions. APY = "Annual Percentage Yield". Rates are subject to change without notice.

SFPCU proudly provides banking and loan solutions including checking accounts, credit cards, auto loans and more for police, firefighters, EMTs and other first responders and law enforcement and their families in the Bay Area and beyond. Visit us at one of our branches in San Francisco, Pleasanton, San Mateo or Oakland, CA or check if you are eligible for membership and apply online today.

Site Design by ZAG Interactive. © 2016 SFPCU.